setting.go 13 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452
  1. // Copyright 2014 The Gogs Authors. All rights reserved.
  2. // Use of this source code is governed by a MIT-style
  3. // license that can be found in the LICENSE file.
  4. package user
  5. import (
  6. "errors"
  7. "fmt"
  8. "io/ioutil"
  9. "strings"
  10. "github.com/Unknwon/com"
  11. "github.com/gogits/gogs/models"
  12. "github.com/gogits/gogs/modules/auth"
  13. "github.com/gogits/gogs/modules/base"
  14. "github.com/gogits/gogs/modules/context"
  15. "github.com/gogits/gogs/modules/log"
  16. "github.com/gogits/gogs/modules/setting"
  17. )
  18. const (
  19. SETTINGS_PROFILE base.TplName = "user/settings/profile"
  20. SETTINGS_AVATAR base.TplName = "user/settings/avatar"
  21. SETTINGS_PASSWORD base.TplName = "user/settings/password"
  22. SETTINGS_EMAILS base.TplName = "user/settings/email"
  23. SETTINGS_SSH_KEYS base.TplName = "user/settings/sshkeys"
  24. SETTINGS_SOCIAL base.TplName = "user/settings/social"
  25. SETTINGS_APPLICATIONS base.TplName = "user/settings/applications"
  26. SETTINGS_DELETE base.TplName = "user/settings/delete"
  27. NOTIFICATION base.TplName = "user/notification"
  28. SECURITY base.TplName = "user/security"
  29. )
  30. func Settings(ctx *context.Context) {
  31. ctx.Data["Title"] = ctx.Tr("settings")
  32. ctx.Data["PageIsSettingsProfile"] = true
  33. ctx.HTML(200, SETTINGS_PROFILE)
  34. }
  35. func handleUsernameChange(ctx *context.Context, newName string) {
  36. // Non-local users are not allowed to change their username.
  37. if len(newName) == 0 || !ctx.User.IsLocal() {
  38. return
  39. }
  40. // Check if user name has been changed
  41. if ctx.User.LowerName != strings.ToLower(newName) {
  42. if err := models.ChangeUserName(ctx.User, newName); err != nil {
  43. switch {
  44. case models.IsErrUserAlreadyExist(err):
  45. ctx.Flash.Error(ctx.Tr("newName_been_taken"))
  46. ctx.Redirect(setting.AppSubUrl + "/user/settings")
  47. case models.IsErrEmailAlreadyUsed(err):
  48. ctx.Flash.Error(ctx.Tr("form.email_been_used"))
  49. ctx.Redirect(setting.AppSubUrl + "/user/settings")
  50. case models.IsErrNameReserved(err):
  51. ctx.Flash.Error(ctx.Tr("user.newName_reserved"))
  52. ctx.Redirect(setting.AppSubUrl + "/user/settings")
  53. case models.IsErrNamePatternNotAllowed(err):
  54. ctx.Flash.Error(ctx.Tr("user.newName_pattern_not_allowed"))
  55. ctx.Redirect(setting.AppSubUrl + "/user/settings")
  56. default:
  57. ctx.Handle(500, "ChangeUserName", err)
  58. }
  59. return
  60. }
  61. log.Trace("User name changed: %s -> %s", ctx.User.Name, newName)
  62. }
  63. // In case it's just a case change
  64. ctx.User.Name = newName
  65. ctx.User.LowerName = strings.ToLower(newName)
  66. }
  67. func SettingsPost(ctx *context.Context, form auth.UpdateProfileForm) {
  68. ctx.Data["Title"] = ctx.Tr("settings")
  69. ctx.Data["PageIsSettingsProfile"] = true
  70. if ctx.HasError() {
  71. ctx.HTML(200, SETTINGS_PROFILE)
  72. return
  73. }
  74. handleUsernameChange(ctx, form.Name)
  75. if ctx.Written() {
  76. return
  77. }
  78. ctx.User.FullName = form.FullName
  79. ctx.User.Email = form.Email
  80. ctx.User.Website = form.Website
  81. ctx.User.Location = form.Location
  82. if err := models.UpdateUser(ctx.User); err != nil {
  83. ctx.Handle(500, "UpdateUser", err)
  84. return
  85. }
  86. log.Trace("User settings updated: %s", ctx.User.Name)
  87. ctx.Flash.Success(ctx.Tr("settings.update_profile_success"))
  88. ctx.Redirect(setting.AppSubUrl + "/user/settings")
  89. }
  90. // FIXME: limit size.
  91. func UpdateAvatarSetting(ctx *context.Context, form auth.AvatarForm, ctxUser *models.User) error {
  92. ctxUser.UseCustomAvatar = form.Source == auth.AVATAR_LOCAL
  93. if len(form.Gravatar) > 0 {
  94. ctxUser.Avatar = base.EncodeMD5(form.Gravatar)
  95. ctxUser.AvatarEmail = form.Gravatar
  96. }
  97. if form.Avatar != nil {
  98. fr, err := form.Avatar.Open()
  99. if err != nil {
  100. return fmt.Errorf("Avatar.Open: %v", err)
  101. }
  102. defer fr.Close()
  103. data, err := ioutil.ReadAll(fr)
  104. if err != nil {
  105. return fmt.Errorf("ioutil.ReadAll: %v", err)
  106. }
  107. if !base.IsImageFile(data) {
  108. return errors.New(ctx.Tr("settings.uploaded_avatar_not_a_image"))
  109. }
  110. if err = ctxUser.UploadAvatar(data); err != nil {
  111. return fmt.Errorf("UploadAvatar: %v", err)
  112. }
  113. } else {
  114. // No avatar is uploaded but setting has been changed to enable,
  115. // generate a random one when needed.
  116. if ctxUser.UseCustomAvatar && !com.IsFile(ctxUser.CustomAvatarPath()) {
  117. if err := ctxUser.GenerateRandomAvatar(); err != nil {
  118. log.Error(4, "GenerateRandomAvatar[%d]: %v", ctxUser.ID, err)
  119. }
  120. }
  121. }
  122. if err := models.UpdateUser(ctxUser); err != nil {
  123. return fmt.Errorf("UpdateUser: %v", err)
  124. }
  125. return nil
  126. }
  127. func SettingsAvatar(ctx *context.Context) {
  128. ctx.Data["Title"] = ctx.Tr("settings")
  129. ctx.Data["PageIsSettingsAvatar"] = true
  130. ctx.HTML(200, SETTINGS_AVATAR)
  131. }
  132. func SettingsAvatarPost(ctx *context.Context, form auth.AvatarForm) {
  133. if err := UpdateAvatarSetting(ctx, form, ctx.User); err != nil {
  134. ctx.Flash.Error(err.Error())
  135. } else {
  136. ctx.Flash.Success(ctx.Tr("settings.update_avatar_success"))
  137. }
  138. ctx.Redirect(setting.AppSubUrl + "/user/settings/avatar")
  139. }
  140. func SettingsDeleteAvatar(ctx *context.Context) {
  141. if err := ctx.User.DeleteAvatar(); err != nil {
  142. ctx.Flash.Error(err.Error())
  143. }
  144. ctx.Redirect(setting.AppSubUrl + "/user/settings/avatar")
  145. }
  146. func SettingsPassword(ctx *context.Context) {
  147. ctx.Data["Title"] = ctx.Tr("settings")
  148. ctx.Data["PageIsSettingsPassword"] = true
  149. ctx.HTML(200, SETTINGS_PASSWORD)
  150. }
  151. func SettingsPasswordPost(ctx *context.Context, form auth.ChangePasswordForm) {
  152. ctx.Data["Title"] = ctx.Tr("settings")
  153. ctx.Data["PageIsSettingsPassword"] = true
  154. if ctx.HasError() {
  155. ctx.HTML(200, SETTINGS_PASSWORD)
  156. return
  157. }
  158. if !ctx.User.ValidatePassword(form.OldPassword) {
  159. ctx.Flash.Error(ctx.Tr("settings.password_incorrect"))
  160. } else if form.Password != form.Retype {
  161. ctx.Flash.Error(ctx.Tr("form.password_not_match"))
  162. } else {
  163. ctx.User.Passwd = form.Password
  164. ctx.User.Salt = models.GetUserSalt()
  165. ctx.User.EncodePasswd()
  166. if err := models.UpdateUser(ctx.User); err != nil {
  167. ctx.Handle(500, "UpdateUser", err)
  168. return
  169. }
  170. log.Trace("User password updated: %s", ctx.User.Name)
  171. ctx.Flash.Success(ctx.Tr("settings.change_password_success"))
  172. }
  173. ctx.Redirect(setting.AppSubUrl + "/user/settings/password")
  174. }
  175. func SettingsEmails(ctx *context.Context) {
  176. ctx.Data["Title"] = ctx.Tr("settings")
  177. ctx.Data["PageIsSettingsEmails"] = true
  178. emails, err := models.GetEmailAddresses(ctx.User.ID)
  179. if err != nil {
  180. ctx.Handle(500, "GetEmailAddresses", err)
  181. return
  182. }
  183. ctx.Data["Emails"] = emails
  184. ctx.HTML(200, SETTINGS_EMAILS)
  185. }
  186. func SettingsEmailPost(ctx *context.Context, form auth.AddEmailForm) {
  187. ctx.Data["Title"] = ctx.Tr("settings")
  188. ctx.Data["PageIsSettingsEmails"] = true
  189. // Make emailaddress primary.
  190. if ctx.Query("_method") == "PRIMARY" {
  191. if err := models.MakeEmailPrimary(&models.EmailAddress{ID: ctx.QueryInt64("id")}); err != nil {
  192. ctx.Handle(500, "MakeEmailPrimary", err)
  193. return
  194. }
  195. log.Trace("Email made primary: %s", ctx.User.Name)
  196. ctx.Redirect(setting.AppSubUrl + "/user/settings/email")
  197. return
  198. }
  199. // Add Email address.
  200. emails, err := models.GetEmailAddresses(ctx.User.ID)
  201. if err != nil {
  202. ctx.Handle(500, "GetEmailAddresses", err)
  203. return
  204. }
  205. ctx.Data["Emails"] = emails
  206. if ctx.HasError() {
  207. ctx.HTML(200, SETTINGS_EMAILS)
  208. return
  209. }
  210. email := &models.EmailAddress{
  211. UID: ctx.User.ID,
  212. Email: form.Email,
  213. IsActivated: !setting.Service.RegisterEmailConfirm,
  214. }
  215. if err := models.AddEmailAddress(email); err != nil {
  216. if models.IsErrEmailAlreadyUsed(err) {
  217. ctx.RenderWithErr(ctx.Tr("form.email_been_used"), SETTINGS_EMAILS, &form)
  218. return
  219. }
  220. ctx.Handle(500, "AddEmailAddress", err)
  221. return
  222. }
  223. // Send confirmation email
  224. if setting.Service.RegisterEmailConfirm {
  225. models.SendActivateEmailMail(ctx.Context, ctx.User, email)
  226. if err := ctx.Cache.Put("MailResendLimit_"+ctx.User.LowerName, ctx.User.LowerName, 180); err != nil {
  227. log.Error(4, "Set cache(MailResendLimit) fail: %v", err)
  228. }
  229. ctx.Flash.Info(ctx.Tr("settings.add_email_confirmation_sent", email.Email, setting.Service.ActiveCodeLives/60))
  230. } else {
  231. ctx.Flash.Success(ctx.Tr("settings.add_email_success"))
  232. }
  233. log.Trace("Email address added: %s", email.Email)
  234. ctx.Redirect(setting.AppSubUrl + "/user/settings/email")
  235. }
  236. func DeleteEmail(ctx *context.Context) {
  237. if err := models.DeleteEmailAddress(&models.EmailAddress{ID: ctx.QueryInt64("id")}); err != nil {
  238. ctx.Handle(500, "DeleteEmail", err)
  239. return
  240. }
  241. log.Trace("Email address deleted: %s", ctx.User.Name)
  242. ctx.Flash.Success(ctx.Tr("settings.email_deletion_success"))
  243. ctx.JSON(200, map[string]interface{}{
  244. "redirect": setting.AppSubUrl + "/user/settings/email",
  245. })
  246. }
  247. func SettingsSSHKeys(ctx *context.Context) {
  248. ctx.Data["Title"] = ctx.Tr("settings")
  249. ctx.Data["PageIsSettingsSSHKeys"] = true
  250. keys, err := models.ListPublicKeys(ctx.User.ID)
  251. if err != nil {
  252. ctx.Handle(500, "ListPublicKeys", err)
  253. return
  254. }
  255. ctx.Data["Keys"] = keys
  256. ctx.HTML(200, SETTINGS_SSH_KEYS)
  257. }
  258. func SettingsSSHKeysPost(ctx *context.Context, form auth.AddSSHKeyForm) {
  259. ctx.Data["Title"] = ctx.Tr("settings")
  260. ctx.Data["PageIsSettingsSSHKeys"] = true
  261. keys, err := models.ListPublicKeys(ctx.User.ID)
  262. if err != nil {
  263. ctx.Handle(500, "ListPublicKeys", err)
  264. return
  265. }
  266. ctx.Data["Keys"] = keys
  267. if ctx.HasError() {
  268. ctx.HTML(200, SETTINGS_SSH_KEYS)
  269. return
  270. }
  271. content, err := models.CheckPublicKeyString(form.Content)
  272. if err != nil {
  273. if models.IsErrKeyUnableVerify(err) {
  274. ctx.Flash.Info(ctx.Tr("form.unable_verify_ssh_key"))
  275. } else {
  276. ctx.Flash.Error(ctx.Tr("form.invalid_ssh_key", err.Error()))
  277. ctx.Redirect(setting.AppSubUrl + "/user/settings/ssh")
  278. return
  279. }
  280. }
  281. if _, err = models.AddPublicKey(ctx.User.ID, form.Title, content); err != nil {
  282. ctx.Data["HasError"] = true
  283. switch {
  284. case models.IsErrKeyAlreadyExist(err):
  285. ctx.Data["Err_Content"] = true
  286. ctx.RenderWithErr(ctx.Tr("settings.ssh_key_been_used"), SETTINGS_SSH_KEYS, &form)
  287. case models.IsErrKeyNameAlreadyUsed(err):
  288. ctx.Data["Err_Title"] = true
  289. ctx.RenderWithErr(ctx.Tr("settings.ssh_key_name_used"), SETTINGS_SSH_KEYS, &form)
  290. default:
  291. ctx.Handle(500, "AddPublicKey", err)
  292. }
  293. return
  294. }
  295. ctx.Flash.Success(ctx.Tr("settings.add_key_success", form.Title))
  296. ctx.Redirect(setting.AppSubUrl + "/user/settings/ssh")
  297. }
  298. func DeleteSSHKey(ctx *context.Context) {
  299. if err := models.DeletePublicKey(ctx.User, ctx.QueryInt64("id")); err != nil {
  300. ctx.Flash.Error("DeletePublicKey: " + err.Error())
  301. } else {
  302. ctx.Flash.Success(ctx.Tr("settings.ssh_key_deletion_success"))
  303. }
  304. ctx.JSON(200, map[string]interface{}{
  305. "redirect": setting.AppSubUrl + "/user/settings/ssh",
  306. })
  307. }
  308. func SettingsApplications(ctx *context.Context) {
  309. ctx.Data["Title"] = ctx.Tr("settings")
  310. ctx.Data["PageIsSettingsApplications"] = true
  311. tokens, err := models.ListAccessTokens(ctx.User.ID)
  312. if err != nil {
  313. ctx.Handle(500, "ListAccessTokens", err)
  314. return
  315. }
  316. ctx.Data["Tokens"] = tokens
  317. ctx.HTML(200, SETTINGS_APPLICATIONS)
  318. }
  319. func SettingsApplicationsPost(ctx *context.Context, form auth.NewAccessTokenForm) {
  320. ctx.Data["Title"] = ctx.Tr("settings")
  321. ctx.Data["PageIsSettingsApplications"] = true
  322. if ctx.HasError() {
  323. tokens, err := models.ListAccessTokens(ctx.User.ID)
  324. if err != nil {
  325. ctx.Handle(500, "ListAccessTokens", err)
  326. return
  327. }
  328. ctx.Data["Tokens"] = tokens
  329. ctx.HTML(200, SETTINGS_APPLICATIONS)
  330. return
  331. }
  332. t := &models.AccessToken{
  333. UID: ctx.User.ID,
  334. Name: form.Name,
  335. }
  336. if err := models.NewAccessToken(t); err != nil {
  337. ctx.Handle(500, "NewAccessToken", err)
  338. return
  339. }
  340. ctx.Flash.Success(ctx.Tr("settings.generate_token_succees"))
  341. ctx.Flash.Info(t.Sha1)
  342. ctx.Redirect(setting.AppSubUrl + "/user/settings/applications")
  343. }
  344. func SettingsDeleteApplication(ctx *context.Context) {
  345. if err := models.DeleteAccessTokenByID(ctx.QueryInt64("id")); err != nil {
  346. ctx.Flash.Error("DeleteAccessTokenByID: " + err.Error())
  347. } else {
  348. ctx.Flash.Success(ctx.Tr("settings.delete_token_success"))
  349. }
  350. ctx.JSON(200, map[string]interface{}{
  351. "redirect": setting.AppSubUrl + "/user/settings/applications",
  352. })
  353. }
  354. func SettingsDelete(ctx *context.Context) {
  355. ctx.Data["Title"] = ctx.Tr("settings")
  356. ctx.Data["PageIsSettingsDelete"] = true
  357. if ctx.Req.Method == "POST" {
  358. if _, err := models.UserSignIn(ctx.User.Name, ctx.Query("password")); err != nil {
  359. if models.IsErrUserNotExist(err) {
  360. ctx.RenderWithErr(ctx.Tr("form.enterred_invalid_password"), SETTINGS_DELETE, nil)
  361. } else {
  362. ctx.Handle(500, "UserSignIn", err)
  363. }
  364. return
  365. }
  366. if err := models.DeleteUser(ctx.User); err != nil {
  367. switch {
  368. case models.IsErrUserOwnRepos(err):
  369. ctx.Flash.Error(ctx.Tr("form.still_own_repo"))
  370. ctx.Redirect(setting.AppSubUrl + "/user/settings/delete")
  371. case models.IsErrUserHasOrgs(err):
  372. ctx.Flash.Error(ctx.Tr("form.still_has_org"))
  373. ctx.Redirect(setting.AppSubUrl + "/user/settings/delete")
  374. default:
  375. ctx.Handle(500, "DeleteUser", err)
  376. }
  377. } else {
  378. log.Trace("Account deleted: %s", ctx.User.Name)
  379. ctx.Redirect(setting.AppSubUrl + "/")
  380. }
  381. return
  382. }
  383. ctx.HTML(200, SETTINGS_DELETE)
  384. }